package com.leeoohoo.token;


import org.springframework.http.HttpStatus;
import org.springframework.http.server.reactive.ServerHttpResponse;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RestController;
import reactor.core.publisher.Mono;

import java.security.Principal;
import java.util.HashMap;
import java.util.Map;

@RestController
public class TokenHandler {

    /**
     * 普通用户访问
     * post
     *
     * @return
     */
    @PreAuthorize("hasAnyAuthority('USER')")
    @RequestMapping(value = "/user1/save", method = {RequestMethod.GET, RequestMethod.POST})
    @ResponseBody
    public Mono<String> user(Principal principal) {
        System.out.println(principal.getName());
        return Mono.just("hello " + principal.getName());
    }


    /**
     * 超管用户访问
     *
     * @return
     */
//    @PreAuthorize("hasPermission('ROLE_ADMIN')")
//    @Secured("ROLE_ADMIN")
    @PreAuthorize("hasRole('ADMIN')")
    @RequestMapping(value = "/admin", method = {RequestMethod.GET, RequestMethod.POST})
    @ResponseBody
    public Mono<String> admin(Principal principal, Authentication authentication) {
        System.out.println(authentication.getAuthorities());
        System.out.println(principal.getName());
        return Mono.just("admin " + principal.getName());
    }

    @RequestMapping(value = "/login", method = {RequestMethod.GET, RequestMethod.POST})
    @ResponseBody
    public Mono<Object> login(ServerHttpResponse response) {
        Map<String, String> responseMap = new HashMap<>();
        responseMap.put("code", "failure");
        responseMap.put("msg", "您还未登录");
        response.setStatusCode(HttpStatus.UNAUTHORIZED);
        return Mono.just(responseMap);
    }

}
